What is the purpose of configuring both public Content API access and a Permanent Auth Token?
Configuring both allows you to:
Access PUBLISHED content via the public Content API for your live storefront.
Access DRAFT content using a Permanent Auth Token, enabling you to preview unpublished changes (e.g., in a preview URL).
Set up webhooks to trigger frontend builds when content moves from DRAFT to PUBLISHED.
This setup supports both live and preview workflows for content management.
How long does it take to implement Hygraph and connect it to a storefront?
Implementation timelines vary by project, but Hygraph is designed for rapid onboarding. For example, Top Villas launched a new project within 2 months from initial contact, and Si Vale met aggressive deadlines during their implementation. The platform offers a free API Playground, a free forever developer account, and a structured onboarding process to help teams get started quickly. See the Top Villas case study for more details.
Features & Capabilities
What are the key features of Hygraph for connecting storefronts?
Hygraph offers several features for connecting storefronts:
GraphQL-native Content API for flexible data retrieval.
Content federation to integrate multiple data sources.
Smart Edge Cache for enhanced performance and faster content delivery.
Granular permissions and Permanent Auth Tokens for secure access control.
Does Hygraph support previewing draft content before publishing?
Yes, Hygraph supports previewing draft content. By configuring a Permanent Auth Token with access to the DRAFT stage and adding it to your environment variables, you can preview unpublished changes in your storefront before publishing. This is especially useful for content review workflows and quality assurance.
What performance benefits does Hygraph offer for storefronts?
Hygraph delivers high performance for content management and delivery through features like Smart Edge Cache (for faster global content delivery), high-performance endpoints, and optimized GraphQL API performance. These ensure reliability and speed for storefronts with high traffic and global audiences. Read more about performance improvements.
Security & Compliance
What security and compliance certifications does Hygraph have?
Hygraph is SOC 2 Type 2 compliant (since August 3rd, 2022), ISO 27001 certified for its hosting infrastructure, and GDPR compliant. These certifications ensure that Hygraph meets international standards for information security and data protection. Learn more about Hygraph security.
What security features does Hygraph provide for storefront integrations?
Community Slack channel for peer and expert support
Dedicated Customer Success Manager for enterprise customers
These resources ensure a smooth start and ongoing success with Hygraph.
How does Hygraph handle maintenance, upgrades, and troubleshooting?
Hygraph is a cloud-based platform, so all deployment, updates, and infrastructure maintenance are managed by Hygraph. Upgrades and new features are rolled out seamlessly. For troubleshooting, users have access to 24/7 support, real-time Intercom chat, community Slack, and extensive documentation. Enterprise customers receive a dedicated Customer Success Manager for personalized support. See documentation for more details.
Use Cases & Customer Success
Who can benefit from using Hygraph for storefronts?
Hygraph is ideal for developers, product managers, and marketing teams in industries such as ecommerce, automotive, technology, food and beverage, and manufacturing. It's especially valuable for organizations modernizing legacy tech stacks, requiring localization, asset management, or content federation, and for global enterprises seeking scalable, future-proof content management solutions.
Can you share some customer success stories using Hygraph?
Yes. For example:
Komax achieved a 3X faster time to market by managing over 20,000 product variations across 40+ markets via a single CMS.
Samsung improved customer engagement by 15% with a scalable, composable member platform.
Stobag increased online revenue share from 15% to 70% after transitioning to a digital-first approach.
Customers consistently praise Hygraph for its intuitive user interface and accessibility for both technical and non-technical users. It was recognized for "Best Usability" in Summer 2023, and users highlight its flexibility, user-friendliness, and effectiveness for diverse teams. Try Hygraph to experience its usability firsthand.
In the previous lesson, we cloned the starter for local development and deployed our clone to Netlify. We need to make Hygraph accessible to our Next app. First, let's allow read permissions on the Content API. Head over to your project's settings and click on API Access.
We'll start by setting the Content API to its default, which will give us access to all the content in our models, including the remote reviews from the Hygraph Demo API remote source. From this same screen, copy the Content API endpoint URL.
We'll also create a Permanent Auth token. Permanent Auth Tokens (PATs) allow permanent authorization for the content and management API. They are used for controlling access to querying, mutating content and come in the form of Bearer token authentication.
You can learn more about using PATs in your Hygraph project in our API Access documentation.
Why are we configuring both?
We want to have PUBLISHED content accessible through the Public API, and DRAFT content through the PAT.
This is because we want to be able to see DRAFT content in a Preview URL that we will work on in the next lesson, and we also want a webhook that we will configure two lessons from now to trigger our frontend build every time content moves from DRAFT to PUBLISHED.
We need to configure Content API access permissions for unauthenticated requests. To achieve this, we'll to go Project settings > Access > API Access > Content API in our Hygraph project.
There is a Content Permissions box that reads Would you like us to initialize some defaults? We'll click on Yes, initialize defaults.
The content permissions box now looks like this:
Content permissions
If no stage parameter is set on the GraphQL query or additional HTTP header, then content from the selected default stage will be served.
Next, we need to configure tokens for permanent authorization for the content and management API. To do this, we will scroll down a bit from where we just initialized our Content API permissions to the Permanent Auth Tokens section.
We'll click on the + Add token button to display the Add token screen, and we'll write “Draft content” in the Token name field. We'll select DRAFT as our default stage for content delivery using the radio buttons, and we'll click Add & configure permissions to create our token.
Right after creating the token, the API Access screen for that token will display. It contains our Token name & Value, and the permissions for that token.
We'll scroll down to the Content API section, and we'll click Yes, initialize defaults - like we did for our Content API. This will configure Content API access permissions for requests sent using this token.
The content permissions box now looks like this:
Initialized permissions
If no stage parameter is set on the GraphQL query or additional HTTP header, then content from the selected default stage will be served.
Now that we've initialized permissions, copy the file .env.sample in the root of your project and rename it to .env.local and add the variable HYGRAPH_ENDPOINT.
This will be where we paste the endpoint URL we copied from Hygraph:
HYGRAPH_ENDPOINT=YOUR-URL-HERE
Once, we initialize the app, our storefront will be available in the browser at http://localhost:3000/.
Copy the "Draft content" token we created earlier and add it to your .env.local file as HYGRAPH_DEV_AUTH_TOKEN. This token will allow us to gain access to saved content, so that we can preview it before we publish.
The e-commerce starter contains frontend components to create landing pages, product pages along with components to render navigation, CTA, and reviews. While we will not focus on the details of the frontend code, spend some time getting to know your project in your code editor, where key code elements are located in the app directory, and viewing the storefront in your browser.
The GraphQL queries we created in the API Playground are used by Next.js 13's app directory to create dynamic routes such as product and landing pages for our store front.
Starter homepage
Great work! We have a Hygraph project that is not connected to a storefront built with Next 13 and Tailwind CSS. Next, we will configure a preview URL so that we can preview Product pages before they are published.
Product page
Next step
Once you've connected your storefront to your Hygraph project, move on to our next lesson:
